Trend Micro outs dodgy Android “fan apps”

Sadly, despite the presence of Bouncer, the Android Market is no stranger to malware. A popular technique is to post fake apps posing as the real thing – or “fan apps”.

Security guys Trend Micro recently identified 37 such apps, and they’ve now been removed from the Android Market. But is the threat over? Not so much.

The apps in question were added by FREE ANDROID GAME FAN APPS, and included aggressive marketing techniques. For example, users were forced to share their downloads on Facebook and rate the game on the Android Market, while ads appeared in the notification bar.

An option to opt out of the advertising was included, however instructions were buried deep in the Android Market app description.

Shortcuts were also created on the users’ homescreens, but that was the least of their worries.

As with many of these dodgy apps, sensitive information was sent to remote servers when the app was run, including the OS version, IMEI and phone number.

Google might’ve removed the apps from the Android Market, but – as Trend Micro points out – there’s nothing to stop the “developer” uploading them to third-party app sources.